26 March 2021Insurance

Cyber attacks on Microsoft servers could lead to 'long-tail of attritional claims' for re/insurers: CyberCube

Recent cyber attacks on the servers running Microsoft’s best-selling email services could result in large numbers of claims for insurers, according to CyberCube, the cyber analytics company.

Tens of thousands of Microsoft Exchange servers in businesses and organisations around the world could have been infected during a series of concerted cyber attacks since the beginning of 2021. In a report examining the issue, titled Understanding the potential fall-out from the ongoing Microsoft Exchange attacks, CyberCube said large-to-medium sized businesses globally are vulnerable. Companies in North America, Germany, Australasia, Africa and the Middle East are particularly at risk, it said.

The cyber attacks are believed to have come from Chinese state-sponsored hackers and exploited vulnerabilities in Microsoft Exchange servers that allowed malicious code to be placed on them. This code can be used for ransomware, espionage or even misdirecting the system’s resources to mine for cryptocurrency on behalf of the criminals.

CyberCube estimated that 10 different “advanced persistent threat actors” globally are now actively exploiting the code used in this attack in a variety of ways.

Re/insurance companies are “likely to see a long-tail of attritional claims resulting from this attack,” CyberCube warned.

William Altman, cyber security consultant at CyberCube and one of the report’s authors, said the insurance industry is only now beginning to understand the potential extent of the exposure, with losses to intellectual property more difficult to measure.

“An accumulation of loss could result in multiple – theoretically, tens of thousands – of companies making insurance claims to cover investigation, legal, business interruption and possible regulatory fines,” he said. “There is still the ongoing possibility that even more attackers will launch ransomware or other types of destructive cyber attacks.”

Did you get value from this story? Sign up to our free daily newsletters and get stories like this sent straight to your inbox.

Already registered?

For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk